When US Secretary of State Rex Tillerson was telling the Russians and the US state press yesterday to stop hacking into American politics, sitting beside him was a former US Navy signals officer and lawyer named Margaret Peterlin (lead image, red circle). Peterlin’s job for the last two years was managing a Boston company specializing in cyber warfare weapons, including the latest in US computer programmes to mimic foreign hackers and convince US targets they have been hacked by Russians. Peterlin was also an advisor to Donald Trump during the presidential transition. Her targets then included Hillary Clinton and her campaign organization.

Peterlin was born in Alabama, and for most her career she has worked for southerners. Her appointment at the State Department as Tillerson’s chief of staff is currently blank on the Department’s website.

Peterlin’s appointment to run Tillerson’s office was announced more authoritatively by the Washington Post on February 12. There her Texas Republican Party credentials were reported in detail, but not her expertise in signals, codes, and cyber warfare.

“Peterlin has a wealth of government and private-sector experience. After distinguished service as a naval officer, she graduated from the University of Chicago Law School and clerked for the U.S. Court of Appeals for the 5th Circuit [Texas and Louisiana]. She then went to work for House Majority Leader Dick Armey [Republican, Texas], just days before the 9/11 attacks. Afterward, she helped negotiate and draft key pieces of national security legislation, including the authorization for the use of force in Afghanistan, the Patriot Act and the legislation that established the Department of Homeland Security. ‘She’s very substance- and policy-focused. She’s not necessarily a political person,’ said Brian Gunderson, a State Department chief of staff for Condoleezza Rice who worked with Peterlin in the House [Armey’s office]. Following a stint as legislative counsel and national security adviser for then-House Speaker Dennis Hastert, Peterlin moved over to the Commerce Department, where she served as the No. 2 official in the Patent and Trademark Office.”

Peterlin’s appointment triggered a lawsuit by a group of patent lawyers and investors against the Secretary of Commerce. On July 23, 2007, two months after Peterlin was sworn in, papers filed in the US District Court for the District of Columbia charged that Peterlin’s appointment violated the Patent Act of 1999 requiring the Director and Deputy Director of the Patent Office to have “professional experience and background in patent or trademark law.” Peterlin, the lawsuit charged, “lack[ed] the requisite professional experience and background.” The court was asked to order a replacement for Peterlin “who fulfills those requirements.” Six months later, in December 2007 Judge James Robertson dismissed the case on several technicalities. Peterlin’s lack of professional skill and alleged incompetence were not tested in court. Peterlin didn’t last long in her job and left in 2008.

Left: Peterlin at Commerce in May 2007. Right: Peterlin at State in February 2017. According to her social media resume, “Margaret and her husband live with their three, young children just outside of Washington, D.C. While her travels have slowed down a little bit, she is ‘on her way to 100 countries. 79 down. 21 to go. ‘ When she cannot escape to an airport or a port to see the world, she finds solace in biking”. Peterlin’s husband is Daniel Keniry, who worked in Republican staff posts in the Congress and the George W. Bush Administration. He has subsequently made his living as a lobbyist for US insurance companies.

Peterlin’s career publications focus on computer and internet surveillance, interception, and espionage. She started with a 1999 essay entitled “The law of information conflict: national security in cyberspace.” In December 2001, with two co-authors, she published a paper at the Federalist Society in Washington entitled “The USA Patriot Act and information sharing between the intelligence and law enforcement communities”. It can be read in full here.

Peterlin argued “the unalterable need for greater information sharing means that the U.S. no longer has the luxury of simply separating law enforcement and intelligence agencies. Separation is a security risk.” Peterlin’s conclusion: “Who performs the surveillance may also matter, but the conditions of the performance are of the most critical importance…the focus of attention should be principally on the techniques by which intelligence is gathered domestically and not on whether other members of the intelligence community are permitted to view the intelligence gathered as a result of those operations.”

After she left the Patent and Trademark Office in 2008, Peterlin became an employee of the Mars family companies with the job title, “technology strategy officer”. That lasted six years, before she went into business for herself at a consulting company she called Profectus Global Corporation. There is almost no trace of that entity on the internet; it appears unrelated to similarly named entities in Hungary and Australia. Peterlin then joined XLP Capital in Boston in November 2015.

Peterlin’s appointment as managing director of the firm, according to XLP’s press release, reveals that when Peterlin was in the US Navy she was a cyber communications specialist. She was also seconded by the Navy to the White House as a Navy “social aide” when Hillary Clinton was First Lady.

XLP didn’t mention that at the time Peterlin was hired, she was also a board member at Draper Labs, the Massachusetts designer, among many things, of US missile guidance systems and the cyber weapons to combat them. According to XLP, one of Peterlin’s selling points was “extensive experience with administrative law as well as deep operations exposure to Federal agencies, including the Departments of Homeland Security, Justice, Defense, and Health and Human Services.” For deep operations, read cyber warfare.

Before Peterlin joined Tillerson two months ago, her employer at XLP Capital was Matthew Stack (below).

In his internet resume Stack reports he is “an accomplished computer hacker and cryptanalyst, and has written and advised on state-run network cyber-warfare policy, and agility-based strategic combat. He was recognized in 2009 by Hackaday as one of the top 10 most influential hardware hackers.” Before Stack is tempted to reduce his public pride in that accomplishment, here is the website screen shot:

At Lambda Prime, Stack claims credit for two cyber warfare projects in 2013 – the practical, “weaponized virtual machines with heterogenous nodes for unpredictable and agile offensive fronts” and the theoretical, “Clausewitz, a modern theory of grand strategy for cyber military forces, and the role of guerilla cyber tactics”. The following year Stack hosted his first “Annual Hackathon” — “Hackathoners flew in from all across the United States to inhabit a 27 acre, early 1900s mansion that serves as the Lambda Prime corporate headquarters”.

On social media Stack has revealed his involvement in internet hacking operations in Kiev; also which side he was on. “Ominous clouds hang over Kiev’s central square, like Russia over its post-Soviet era neighboring Slavic states, “ Stack instagrammed to his followers. “The country may be a mess, but Kiev has the fastest internet I’ve ever clocked – now I know why so many hackers live in Kiev. Thanks to my amazing tour guide @m.verbulya.”

Stack, who started with family money he incorporated as the Stack Family Office and diversified into computer engineering and IT technology investments, is a decade younger than Peterlin. Both of them have worked on cyber weaponry for US Government agencies. According to the Wikileaks release last month of the Central Intelligence Agency’s (CIA) “Vault 7” files, these weapons include UMBRAGE.

This was developed for the CIA’s Remote Devices Branch; the leaked files for the UMBRAGE operations date from 2012 to 2016. The CIA’s UMBRAGE operation “collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation. With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from. UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques.”

Some of the UMBRAGE components date from 2012; most from 2014. A leaked memo dated June 19, 2013, reveals one of the UMBRAGE managers telling others: “As far as Stash organization, I would recommend that you create one larger “Umbrage” project, and then create separate repositories within that project for each component. Then there is one central point on the site for ‘all things Umbrage’.”

Reporting on the applications of UMBRAGE lack conclusiveness on whether US Government agents have used UMBRAGE as a “factory for false flag hacking operations” to make the intrusions into the US election campaign, which have subsequently been blamed on Russian cyber operations – blame Tillerson endorsed in his press conference in Moscow yesterday. For that story, read this.

According to another report, “it would be possible to leave such fingerprints if the CIA were reusing unique source code written by other actors to intentionally implicate them in CIA hacks, but the published CIA documents don’t say this. Instead, they indicate the UMBRAGE group is doing something much less nefarious.”

Yesterday Tillerson claimed to make “a distinction when cyber tools are used to interfere with the internal decisions among countries as to how their elections are conducted. That is one use of cyber tools. Cyber tools to disrupt weapons programs – that’s another use of the tools.” With Peterlin prompting by his side during his meetings with Lavrov and Putin, Tillerson knew this was not a distinction US cyber operations against Russia make.

What Tillerson knows also is that Peterlin has spent most of her career participating in these operations. Whether or not the CIA’s Operation UMBRAGE has been used to manufacture the appearance of Russian hacking in the US elections, Peterlin knows exactly how to do it, and where it’s done at the CIA, the Pentagon, and other agencies. Peterlin has also drafted the memoranda so that for Americans to do it, it’s legal. And for men like Stack, something to boast about.

Peterlin’s and Stack’s public records are two reasons why none of this is secret from the Russian services. That’s another reason why in Moscow yesterday Lavrov would not look at Tillerson during their press conference — and why Putin refused to be photographed with him.